package com.sx.ems.controller.sys;


import com.sx.ems.controller.AbstractController;
import com.sx.ems.shiro.ShiroUtils;
import com.sx.ems.utils.MsgBean;
import com.sx.ems.utils.PageUtils;
import com.sx.ems.validator.Assert;
import com.sx.ems.entity.SysUser;
import com.sx.ems.service.SysUserRoleService;
import com.sx.ems.service.SysUserService;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.Arrays;
import java.util.List;
import java.util.Map;

@RestController
@RequestMapping("/sys/user")
public class SysUserController extends AbstractController {

    @Autowired
    private SysUserService sysUserService;

    @Autowired
    private SysUserRoleService sysUserRoleService;

    /**
     * 修改登录用户密码
     */
    @RequestMapping("/password")
    public MsgBean password(String password, String newPassword) {
        Assert.isBlank(newPassword, "新密码不为能空");
        Assert.isBlank(password, "旧密码不为能空");

        //原密码
        password = ShiroUtils.sha256(password, getUser().getSalt());
        //新密码
        newPassword = ShiroUtils.sha256(newPassword, getUser().getSalt());

        if ( !password.equals(getUser().getPassword()) ) {
            return MsgBean.error("原密码不正确");
        }

        SysUser sysUser = new SysUser();
        sysUser.setUserId(getUserId());
        sysUser.setPassword(newPassword);
        boolean result = sysUserService.updateById(sysUser);
        if ( !result ){
            return MsgBean.error("修改失败，请重试！");
        }
        return MsgBean.ok();
    }


    @RequestMapping("/toUser")
    public String toList(){
        return "sys/user";
    }

    /**
     * 所有用户列表
     */
    @RequestMapping("/list")
    @RequiresPermissions("sys:user:list")
    public MsgBean list(@RequestParam Map<String, Object> params){
        PageUtils page = sysUserService.queryPage(params);
        return MsgBean.ok().put("page", page);
    }

    /**
     * 获取登录的用户信息
     */
    @RequestMapping("/info")
    public MsgBean info(){
        return MsgBean.ok().put("user", getUser());
    }


    /**
     * 用户信息
     */
    @RequestMapping("/info/{userId}")
    @RequiresPermissions("sys:user:info")
    public MsgBean info(@PathVariable("userId") Long userId){
        SysUser user = sysUserService.getById(userId);

        //获取用户所属的角色列表
        List<Long> roleIdList = sysUserRoleService.queryRoleIdList(userId);
        user.setRoleIdList(roleIdList);

        return MsgBean.ok().put("user", user);
    }

    /**
     * 保存用户
     */
    @RequestMapping("/save")
    @RequiresPermissions("sys:user:save")
    public MsgBean save(@RequestBody SysUser user){

        Assert.isBlank(user.getEmail(),"邮箱不能为空！");
        Assert.isBlank(user.getUsername(),"用户名不能为空！");
        String salt = RandomStringUtils.randomAlphanumeric(20);
        user.setSalt(salt);
        user.setPassword(ShiroUtils.sha256(user.getPassword(), user.getSalt()));
        sysUserService.save(user);



        return MsgBean.ok();
    }

    /**
     * 修改用户
     */
    @RequestMapping("/update")
    @RequiresPermissions("sys:user:update")
    public MsgBean update(@RequestBody SysUser user){
        //TODO 自己验证
        Assert.isBlank(user.getEmail(),"邮箱不能为空！");
        Assert.isBlank(user.getUsername(),"用户名不能为空！");
        Assert.isBlank(user.getPassword(),"密码不能为空！");


        if(user.getPassword()!=null) {

            //sha256加密
            String salt = RandomStringUtils.randomAlphanumeric(20);
            user.setSalt(salt);
            user.setPassword(ShiroUtils.sha256(user.getPassword(), user.getSalt()));
        }
        sysUserService.updateById(user);
        return MsgBean.ok();
    }

    /**
     * 删除用户
     */
    @RequestMapping("/delete")
    @RequiresPermissions("sys:user:delete")
    public MsgBean delete(@RequestBody Long[] userIds){
        if( ArrayUtils.contains(userIds, 1L)){
            return MsgBean.error("系统管理员不能删除");
        }

        if(ArrayUtils.contains(userIds, getUserId())){
            return MsgBean.error("当前用户不能删除");
        }
        sysUserService.removeByIds(Arrays.asList(userIds));
        return MsgBean.ok();
    }

}

